Threat Report: The Biggest Cybersecurity Threats of 2020

A lot has changed in the last year. One thing that hasn’t is how relentlessness hackers are in trying to steal your data. That is why it is crucial to stay on top of the latest cybersecurity threats. Webroot recently published their comprehensive 2021 Threat Report on the greatest cyber threats of 2020. We’ve summarized the top threats you need to be aware of to protect yourself and your business.

Ransomware broke new records

  • Ransom payment amounts continue to grow year over year. While 2019 saw an average ransomware payment of $84,116, 2020 saw the following numbers:
    • Q2 2020: $178,254
    • Q3 2020: $233, 817
    • Q4 2020: $154,108
  • Data extortion is becoming a widespread trend in ransomware attacks. This new tactic involves stealing users’ data and threatening to expose it if the victim doesn’t pay. Until recently, most ransomware attacks only involved encrypting someone’s data and then demanding payment in order to decrypt it.
  • Attackers prefer to target businesses with single points of failure.
  • Most ransomware victims are actually infected by more than just ransomware. Attackers usually infiltrate an organization’s network months before deploying a ransomware attack.
  • Combating the risks from ransomware requires multiple layers of protection. No security layer will ever be 100% effective at stopping threats, but by using several layers together, you build a far stronger solution.  

Phishing remains a popular attack vector

  • Phishing attacks are still one of the most popular ways to infect an organization’s network with malware.
  • The companies most often impersonated in phishing attacks in 2020 were eBay, Apple, Microsoft, Facebook and Google.
  • 54% of phishing sites now use HTTPS. Hackers have realized that using the HTTPS protocol gives unsuspecting victims a false sense of security, increasing the likelihood that an attack will succeed.

Watch out for harmful mobile apps

  • Android malware is a real and growing threat. Examples include apps that steal credit card information, ransomware apps, and fleeceware. The term fleeceware refers to apps that offer a legitimate service with hidden, excessive subscription fees.
  • Outdated operating systems accounted for nearly 90% of Android infections.

The web is packed with high-risk URLs

  • Approximately 1 in 10 malicious sites is hosted on a benign domain.
  • Over 81% of all high-risk URLs discovered in 2020 were for phishing.
  • 64.3% of high-risk URLs are hosted in the US­. These numbers are to be expected, as the U.S. is the most targeted nation for phishing.

The COVID-19 pandemic brought unexpected increases in security threats as cybercriminals took advantage of the chaos caused by the rapid shift to remote work. Though companies have increased their cybersecurity measures in the last year, experts agree that as employees continue to work from home, we’re likely to see another record year of phishing attacks, ransomware, malicious URLs, and more. 

Source: 2021 Webroot BrightCloud Threat Report